Guide to cyber threat modelling

CSA issued the Guide to Conducting Cybersecurity Risk Assessment for Critical Information Infrastructure in December 2019 (subsequently revised in Feb 2021). The document provided guidance to Critical Information Infrastructure Owners (CIIOs) on performing a proper cybersecurity risk assessment, and briefly covered steps for threat modelling as part of the risk assessment.


This document supplements the aforementioned document by elaborating on threat modelling, and aims to provide a practical and systematic way to identify threat events that can be used in a cybersecurity risk assessment. It will introduce various approaches and methods of threat modelling, and provide a suggested framework, coupled with practical examples, for individuals and groups to adopt to derive a robust system threat model and relevant threat events. System owners can then incorporate these threat events into their cybersecurity risk assessment to develop and prioritise effective controls.
